VNG Corporation, one of Vietnam’s largest technology companies suffered a data breach that led to the leaking of login credentials of more than 163 million of its game accounts. The leaked data was offered for sale on Raidforums.com, a forum for database trading, by a user who claimed to be in possession of information linked to 163,666,400 Zing ID accounts.
In a press release on April 29th, VNG would not confirm the data breach but did say that it had “been informed of a risk involving data leak of [more than] 160 million Zing IDs” back in 2015. Zing IDs are accounts used for login to multiple VNG services including its online games, web and mobile entertainment, and the older versions of the company’s popular music streaming site Zing MP3.
The 160 million data files equal 7.6 gigabytes of data and include information on accounts including the account’s username, password, e-mail address, phone number, full name, date of birth, IP address, as well as city and country of residence.
Although VNG said that it had taken “timely technical measures” to prevent and contain such a breach the company admitted that a number of accounts had been compromised, but did not state the exact number of accounts.
According to a company statement, “The scale of the breach was limited, mostly involving game accounts without affecting other VNG services and that almost 99% of the compromised Zing IDs had not been used for over a year.
VNG also runs Zalo, Vietnam’s largest social media platform with over 80 million registered users as of August 2017, as well as emerging mobile payment service ZaloPay. The company says that the data leak does not affect Zalo and ZaloPay accounts, which are registered separately from Zing IDs.
In discussing the data breach a VNG spokesperson said, “We are truly sorry and would like to offer our sincere apologies to our customers for the inconvenience. We commit ourselves to protecting customers’ rights and online safety, and are resolved to address any issue related to the breach.